<?php

// ticketMeister
// Ticket Status Updater
// Copyright (c) 2012 
// B. Michael Tomaino

require_once 'db_config.php';
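// Ticket status updater: reads the requested transition from the query string
// and, for state=open, creates a new ticket and redirects to viewTicket.php.
//
// SECURITY(review): every action here is triggered by a GET request, so a
// ticket can be created by any link, prefetcher or cross-site request.
// Switching to POST plus a CSRF token changes the endpoint's interface and has
// to be coordinated with the forms that call it, so it is only flagged here.
$db=new mysqli(DB_HOST,DB_USER,DB_PASSWORD,DB_DATABASE);
if( $db->connect_errno ) {
	// Keep connection details in the server log, never in the response.
	error_log('ticketMeister: database connection failed: '.$db->connect_error);
	http_response_code(500);
	exit('Database unavailable.');
}

// Read a query-string value as a plain string. Missing keys and array-valued
// parameters (e.g. ?author[]=x) both yield '' instead of a notice or "Array".
$getParam=function($key) {
	return ( isset($_GET[$key]) && is_string($_GET[$key]) ) ? $_GET[$key] : '';
};

// Stop the request with a generic message; the optional detail goes to the
// server log only so database errors are not disclosed to the client.
$abort=function($status,$text,$logDetail=null) use ($db) {
	if( $logDetail!==null ) {
		error_log('ticketMeister: '.$logDetail);
	}
	http_response_code($status);
	mysqli_close($db);
	exit($text);
};

$state=$getParam('state');

if( $state==='open' ) { // Start a new ticket!

	// First get question text and handler/recipient data.
	// The id was previously concatenated into the SQL text unquoted; it is now
	// validated and bound as a parameter.
	// NOTE(review): assumes question_id is an integer column - confirm against the schema.
	$questionId=filter_var($getParam('subcategory'),FILTER_VALIDATE_INT);
	if( $questionId===false ) {
		$abort(400,'Invalid subcategory.');
	}

	$handler=null;
	$subcategory=null;
	$stmt=$db->prepare("SELECT recipient, question FROM question WHERE question_id=?");
	if( !$stmt ) {
		$abort(500,'Error looking up question.','prepare(question) failed: '.$db->error);
	}
	$stmt->bind_param('i',$questionId);
	if( !$stmt->execute() ) {
		$abort(500,'Error looking up question.','execute(question) failed: '.$stmt->error);
	}
	$stmt->bind_result($handler,$subcategory);
	$found=$stmt->fetch(); // true = row read, null = no row, false = error
	$stmt->close();
	if( $found!==true ) {
		// Without a matching question there is no handler to assign the ticket to.
		$abort(400,'Unknown subcategory.');
	}
	$handler=(string)$handler;
	$subcategory=(string)$subcategory;

	$message=$getParam('message');
	$author=$getParam('author');
	$ticketType=$getParam('category').$subcategory;

	// create ticket_id;
	if( !mysqli_query($db,"INSERT INTO ticket_id values (NULL)") ) {
		$abort(500,'Error creating ticket_id.','insert(ticket_id) failed: '.$db->error);
	}
	$insert_id=mysqli_insert_id($db);

	// create ticket_state (unverified)
	// All request-derived values are bound, not interpolated into the statement.
	$stmt=$db->prepare("INSERT INTO ticket_state values (NULL,?,'open',?,?,?,?,NOW(),'active',?,'unverified')");
	if( !$stmt ) {
		$abort(500,'Error creating ticket_state.','prepare(ticket_state) failed: '.$db->error);
	}
	$stmt->bind_param('isssss',$insert_id,$message,$author,$handler,$author,$ticketType);
	if( !$stmt->execute() ) {
		$abort(500,'Error creating ticket_state.','execute(ticket_state) failed: '.$stmt->error);
	}
	$stmt->close();

	//create auth code (secret_word+ticket_id+author)
	// SECURITY(review): the secret word is a short literal committed to source,
	// the code is a bare SHA-1 over concatenated fields rather than a keyed MAC,
	// and there is no delimiter between ticket_id and author, so different
	// (ticket_id, author) pairs can hash the same input. Replacing this with
	// hash_hmac() and a secret loaded from configuration requires changing
	// whatever verifies the code (presumably viewTicket.php) at the same time,
	// so the value is left unchanged here.
	$authcode=sha1('caca'.$insert_id.$author);

	// send confirmation email

	// give ticket #
	// Encode the parameters so characters such as '&', '#' or '=' in the author
	// value cannot add or override parameters in the redirect URL.
	// NOTE(review): the auth code travels in the URL and will appear in access
	// logs, browser history and Referer headers.
	$redirectQuery=http_build_query(array(
		'ticket_id'=>$insert_id,
		'authcode'=>$authcode,
		'user'=>$author,
	),'','&');
	header("Location:viewTicket.php?".$redirectQuery);

// NOTE(review): the transition branches below are unimplemented stubs. When
// they are implemented, "submitter must be handler/creator" has to be decided
// from a server-verified identity (a validated auth code or session), not from
// a name supplied in the query string.
} else if( $state==='transferred' ) {
	// precondition:  in order to enter "transferred" state,
	// submitter must be handler

} else if( $state==='solution' ) {
	// precondition:  in order to enter "solution offered" state,
	// must be in "working on", "reopened", or "open" state
	// AND submitter must be handler

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='need' ) {
	// precondition:  in order to enter "need info" state,
	// must be in "working on", "reopened", or "open" state
	// AND submitter must be handler

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='reopened' ) {
	// precondition:  in order to enter "reopened" state,
	// must be in "solution offered" or "need info"
	// AND submitter must be creator

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='working' ) {
	// precondition:  in order to enter "working on" state,
	// must be in "open" or "reopened"
	// AND submitter must be handler

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='canceled' ) {
	// precondition:  in order to enter "canceled" state,
	// submitter must be handler

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='closed' ) {
	// precondition:  in order to enter "closed" state,
	// must be in "solution offered"
	// submitter must be creator

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if( $state==='archived' ) {
	// precondition:  in order to enter "archived" state,
	// must be in "closed" or "canceled"
	// submitter must be handler

	// retrieve current ticket information
	// check permission
	// create new state OR return error message

} else if(isset($_GET['conirm_ticket'])) {
	// NOTE(review): the key is spelled 'conirm_ticket'; it looks like a typo for
	// 'confirm_ticket' - confirm against the caller before renaming.

}
mysqli_close($db);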
?>
